Add validateImageTag() method to DockerSandboxService that validates
Docker image references against a safe character pattern before any
container creation. Rejects empty tags, tags exceeding 256 characters,
and tags containing shell metacharacters (;, &, |, $, backtick, etc.)
to prevent injection attacks. Also validates the default image tag at
service construction time to fail fast on misconfiguration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Drop all Linux capabilities by default (CapDrop: ALL)
- Enable read-only root filesystem (agents write to mounted /workspace volume)
- Limit process count to 100 to prevent fork bombs (PidsLimit)
- Add no-new-privileges security option to prevent privilege escalation
- Add DockerSecurityOptions type with configurable security settings
- All options are configurable via config but secure by default
- Add comprehensive tests for security hardening options (20+ new tests)
Refs #338
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add DEFAULT_ENV_WHITELIST constant with safe env vars (AGENT_ID, TASK_ID,
NODE_ENV, LOG_LEVEL, TZ, MOSAIC_* vars, etc.)
- Implement filterEnvVars() to separate allowed/filtered vars
- Log security warning when non-whitelisted vars are filtered
- Support custom whitelist via orchestrator.sandbox.envWhitelist config
- Add comprehensive tests for whitelist functionality (39 tests passing)
Prevents accidental leakage of secrets like API keys, database credentials,
AWS secrets, etc. to Docker containers.
Refs #338
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Sandbox now enabled by default for security
- Logs prominent warning when explicitly disabled
- Agents run in containers unless SANDBOX_ENABLED=false
Refs #337
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implemented three new API endpoints for knowledge graph visualization:
1. GET /api/knowledge/graph - Full knowledge graph
- Returns all entries and links with optional filtering
- Supports filtering by tags, status, and node count limit
- Includes orphan detection (entries with no links)
2. GET /api/knowledge/graph/stats - Graph statistics
- Total entries and links counts
- Orphan entries detection
- Average links per entry
- Top 10 most connected entries
- Tag distribution across entries
3. GET /api/knowledge/graph/:slug - Entry-centered subgraph
- Returns graph centered on specific entry
- Supports depth parameter (1-5) for traversal distance
- Includes all connected nodes up to specified depth
New Files:
- apps/api/src/knowledge/graph.controller.ts
- apps/api/src/knowledge/graph.controller.spec.ts
Modified Files:
- apps/api/src/knowledge/dto/graph-query.dto.ts (added GraphFilterDto)
- apps/api/src/knowledge/entities/graph.entity.ts (extended with new types)
- apps/api/src/knowledge/services/graph.service.ts (added new methods)
- apps/api/src/knowledge/services/graph.service.spec.ts (added tests)
- apps/api/src/knowledge/knowledge.module.ts (registered controller)
- apps/api/src/knowledge/dto/index.ts (exported new DTOs)
- docs/scratchpads/71-graph-data-api.md (implementation notes)
Test Coverage: 21 tests (all passing)
- 14 service tests including orphan detection, filtering, statistics
- 7 controller tests for all three endpoints
Follows TDD principles with tests written before implementation.
All code quality gates passed (lint, typecheck, tests).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
